Vulnerability CVE-2005-3737 - CERT Civis.Net

Vulnerability Name:

CVE-2005-3737 (CCN-23162)

Assigned:

2005-11-21

Published:

2005-11-21

Updated:

2011-03-08

Summary:

Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MISC
Type: UNKNOWN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330894

Source: MITRE
Type: CNA
CVE-2005-3737

Source: CONFIRM
Type: UNKNOWN
http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/src/style.cpp?r1=1.110&r2=1.110.2.1

Source: CCN
Type: SA17651
Inkscape SVG Importer Buffer Overflow Vulnerability

Source: SECUNIA
Type: Vendor Advisory
17651

Source: SECUNIA
Type: Patch, Vendor Advisory
17662

Source: SECUNIA
Type: UNKNOWN
17778

Source: SECUNIA
Type: UNKNOWN
17882

Source: SREASON
Type: UNKNOWN
58

Source: DEBIAN
Type: UNKNOWN
DSA-916

Source: DEBIAN
Type: DSA-916
inkscape -- buffer overflow

Source: CCN
Type: GLSA-200511-22
Inkscape: Buffer overflow

Source: GENTOO
Type: UNKNOWN
GLSA-200511-22

Source: CCN
Type: Inkscape Web site
Inkscape

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:028

Source: CCN
Type: OSVDB ID: 21001
Inkspace SVG Importer Overflow

Source: BID
Type: Exploit, Patch
15507

Source: CCN
Type: BID-15507
Inkscape SVG Image Buffer Overflow Vulnerability

Source: CCN
Type: USN-217-1
Inkscape vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-217-1

Source: VUPEN
Type: UNKNOWN
ADV-2005-2511

Source: CCN
Type: Ubuntu Bugzilla Bug 16689
inkscape: Arbitrary code execution when opening a malicious file

Source: XF
Type: UNKNOWN
inkscape-svg-image-bo(23162)

Source: SUSE
Type: SUSE-SR:2005:028
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:inkscape:inkscape:0.41:*:*:*:*:*:*:*

OR cpe:/a:inkscape:inkscape:0.42:*:*:*:*:*:*:*

OR cpe:/a:inkscape:inkscape:0.42.1:*:*:*:*:*:*:*

OR cpe:/a:inkscape:inkscape:0.42.2:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:inkscape:inkscape:0.41:*:*:*:*:*:*:*

OR cpe:/a:inkscape:inkscape:0.42:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20053737	V	CVE-2005-3737	2015-11-16
oval:org.debian:def:916	V	buffer overflow	2005-12-07